EMA’s Christopher Steffen on the Importance of Open Source Solutions in Threat Intelligence (Black Hat Edition)

In our latest special episode of the Future of Threat Intelligence podcast, David catches Christopher Steffen, VP of Research, Information Security at Enterprise Management Associates, at the Black Hat conference. They discuss the current landscape of cybersecurity, emphasizing the need for CISOs to focus on foundational technologies rather than getting caught up in the hype of AI. 

Chris highlights the value of open-source solutions in addressing real-world challenges like API and data security, noting their responsiveness compared to traditional vendors. He also provides practical advice for evaluating new technologies, encouraging listeners to consider innovative smaller companies that are driving change in the industry. 

Topics discussed:

• The importance of foundational technologies over the hype surrounding AI in cybersecurity solutions.  
• How open-source solutions are becoming viable for enterprise-class problems, offering responsiveness and cost-effectiveness compared to traditional vendors.  
• How the cybersecurity landscape is evolving, with a focus on addressing real-world challenges like API security and data protection.  
• How CISOs should prioritize technologies that solve immediate problems rather than relying on aspirational features from vendors.  
• The value of evaluating new products through documented use cases to ensure they meet organizational needs effectively.  
• How smaller, innovative companies are driving significant advancements in cybersecurity, offering unique solutions that larger vendors may overlook.    

Key Takeaways: 

• Evaluate new cybersecurity technologies based on documented use cases to ensure they address your organization's specific needs effectively.  
• Prioritize foundational technologies over the latest AI trends to tackle immediate cybersecurity challenges in your organization.  
• Leverage open source solutions to enhance API security and data protection, taking advantage of their responsiveness and low cost.  
• Engage with smaller, innovative companies that are driving advancements in cybersecurity, as they often provide unique and effective solutions.  
• Focus on automation within your SOC to streamline alert management and reduce the burden on your team.  
• Monitor compliance requirements regularly to ensure your cybersecurity strategies align with evolving regulations and standards.  
• Collaborate with your team to identify core technological problems that need immediate attention, rather than getting distracted by aspirational features. 

If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0